ivatar issueshttps://git.linux-kernel.at/oliver/ivatar/-/issues2021-09-06T11:50:41Zhttps://git.linux-kernel.at/oliver/ivatar/-/issues/34ivatar vs. libravatar name on home page2021-09-06T11:50:41ZGhost Userivatar vs. libravatar name on home pageHello, I think we want the home page on https://libravatar.fedorainfracloud.org/ to say:
"libravatar"
"freeing the web one face at a time"
instead of:
"ivatar"
"freeing the web one face at a time"
I understand ivatar is the name of t...Hello, I think we want the home page on https://libravatar.fedorainfracloud.org/ to say:
"libravatar"
"freeing the web one face at a time"
instead of:
"ivatar"
"freeing the web one face at a time"
I understand ivatar is the name of the software but i don't think users need to know the software is actually named differently.
Similarly, we should modify:
<title>iVatar :: federated avatar hosting service</title>
Maybe this can be done by adding a configuration variable SERVICE_NAME and using that in the template?https://git.linux-kernel.at/oliver/ivatar/-/issues/35check tool doesn't work properly2021-09-06T11:50:48ZGhost Usercheck tool doesn't work properlyHello!
on https://libravatar-stg.fedorainfracloud.org/, I've deleted all the users to start from a fresh environment. I then created user clime, added an openID https://clime.id.fedoraproject.org and uploaded a photo for this openID.
I...Hello!
on https://libravatar-stg.fedorainfracloud.org/, I've deleted all the users to start from a fresh environment. I then created user clime, added an openID https://clime.id.fedoraproject.org and uploaded a photo for this openID.
I then tried to check the openID and the photo for it by the check tool but check tool doesn't display the photo for some reason, when I put https://clime.id.fedoraproject.org into OpenId field, just a default avatar for sha512 is displayed.Oliver Falkoliver@linux-kernel.atOliver Falkoliver@linux-kernel.athttps://git.linux-kernel.at/oliver/ivatar/-/issues/36on libravatar-stg there is still the "old" navbar on homepage when logged in2021-09-06T11:50:55ZGhost Useron libravatar-stg there is still the "old" navbar on homepage when logged inHello, when I am logged in on libravatar-stg (devel branch), I get the "old" navbar displayed. I think this has been updated in a recent PR.
![Screenshot_from_2019-02-05_20-44-47](/uploads/aedbdc378fcde45457c79babd6e30666/Screenshot_fro...Hello, when I am logged in on libravatar-stg (devel branch), I get the "old" navbar displayed. I think this has been updated in a recent PR.
![Screenshot_from_2019-02-05_20-44-47](/uploads/aedbdc378fcde45457c79babd6e30666/Screenshot_from_2019-02-05_20-44-47.png)https://git.linux-kernel.at/oliver/ivatar/-/issues/37libravatar's sends email with FROM: accounts@mg.linux-kernel.at2021-09-06T11:51:01ZGhost Userlibravatar's sends email with FROM: accounts@mg.linux-kernel.atI think it might be related to the following settings in config.py (although it comes before `DEFAULT_FROM_EMAIL = os.environ.get('DEFAULT_FROM_EMAIL', 'ivatar@mg.linux-kernel.at')` strangely).
```
SERVER_EMAIL = 'accounts@mg.linux-kern...I think it might be related to the following settings in config.py (although it comes before `DEFAULT_FROM_EMAIL = os.environ.get('DEFAULT_FROM_EMAIL', 'ivatar@mg.linux-kernel.at')` strangely).
```
SERVER_EMAIL = 'accounts@mg.linux-kernel.at'
DEFAULT_FROM_EMAIL = SERVER_EMAIL
```
...Actually looking into models.py `SERVER_EMAIL` varaiable is used as `send_email`'s parameter.
We probably want to:
```
SERVER_EMAIL = os.environ.get('SERVER_EMAIL', 'accounts@mg.linux-kernel.at')
```
Or maybe we can just keep `DEFAULT_FROM_EMAIL`?https://git.linux-kernel.at/oliver/ivatar/-/issues/38disable exception stacktraces getting into browser on production2021-09-06T11:51:05ZGhost Userdisable exception stacktraces getting into browser on productionHello, on production (https://libravatar.fedorainfracloud.org), right now, when an exception is raised, it gets displayed in browser. We should very likely disable it for production. I am now not sure which Django settings influences it ...Hello, on production (https://libravatar.fedorainfracloud.org), right now, when an exception is raised, it gets displayed in browser. We should very likely disable it for production. I am now not sure which Django settings influences it but we definitely want a different settings for production and different for developement.Oliver Falkoliver@linux-kernel.atOliver Falkoliver@linux-kernel.athttps://git.linux-kernel.at/oliver/ivatar/-/issues/39For email confirmation, you need to be logged when clicking on a link in the ...2021-09-06T11:51:16ZGhost UserFor email confirmation, you need to be logged when clicking on a link in the emailThis is rather a question. I noticed I need to be logged in when clicking a confirm link in the received confirmation email. If I am not logged in into libravatar at that moment, the email want get verified/confirmed. I don't think being...This is rather a question. I noticed I need to be logged in when clicking a confirm link in the received confirmation email. If I am not logged in into libravatar at that moment, the email want get verified/confirmed. I don't think being logged in is usually required when confirming an email address.Oliver Falkoliver@linux-kernel.atOliver Falkoliver@linux-kernel.athttps://git.linux-kernel.at/oliver/ivatar/-/issues/43Wrong page returned for a hash of invalid length2021-09-06T11:52:07ZGhost UserWrong page returned for a hash of invalid lengthWith a short hash like 55a407f5 ivatar returns an HTML error page stating “incorrect digest length” but with an HTTP code of 200, which is confusing. Latest discussions stated libravatar implementations should do they best to return an i...With a short hash like 55a407f5 ivatar returns an HTML error page stating “incorrect digest length” but with an HTTP code of 200, which is confusing. Latest discussions stated libravatar implementations should do they best to return an image, so perhaps nobody.png should returned here. At least it should be an HTTP code 400 or such.
Example:
$ curl -i "https://libravatar-stg.fedorainfracloud.org/avatar/55a407f >
HTTP/1.1 200 OKOliver Falkoliver@linux-kernel.atOliver Falkoliver@linux-kernel.athttps://git.linux-kernel.at/oliver/ivatar/-/issues/44Valid hash with a forced default option redirects to an invalid page2021-09-06T11:52:22ZGhost UserValid hash with a forced default option redirects to an invalid pageA request for a valid hash such as `4751ed9aae86881d2b45dd0512c3e14a` with a invalid default such as `unicorn` works fine unless the forcedefault option is used. In this case ivatar redirects to an invalid page using `unicorn` as the has...A request for a valid hash such as `4751ed9aae86881d2b45dd0512c3e14a` with a invalid default such as `unicorn` works fine unless the forcedefault option is used. In this case ivatar redirects to an invalid page using `unicorn` as the hash.
A request for an invalid hash with an invalid forced default correctly returns nobody.png.
Example:
```
$ curl -i "https://libravatar-stg.fedorainfracloud.org/avatar/4751ed9aae86881d2b45dd0512c3e14a?d=unicorn&f=y"
HTTP/1.1 302 Found
Date: Tue, 19 Feb 2019 15:44:44 GMT
Server: Apache/2.4.34 (Fedora) OpenSSL/1.1.0i-fips mod_wsgi/4.5.20 Python/3.6
Strict-Transport-Security: max-age=31536000; preload
Location: unicorn
Content-Length: 0
Vary: Accept-Language,Cookie
Content-Language: en
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=utf-8
```Oliver Falkoliver@linux-kernel.atOliver Falkoliver@linux-kernel.athttps://git.linux-kernel.at/oliver/ivatar/-/issues/46Some pictures are not resized2021-09-06T11:52:37ZGhost UserSome pictures are not resizedI checked with two different pictures:
- ![black](/uploads/3c963f7c4702d85fea7618e2cd8d9cc8/black.png) a 512x512 1-bit PNG image ;
- ![wb](/uploads/31bc0aadbabf610eda26625971a7aeed/wb.png) a 32x32 2-bit PNG image.
The first one is corr...I checked with two different pictures:
- ![black](/uploads/3c963f7c4702d85fea7618e2cd8d9cc8/black.png) a 512x512 1-bit PNG image ;
- ![wb](/uploads/31bc0aadbabf610eda26625971a7aeed/wb.png) a 32x32 2-bit PNG image.
The first one is correctly displayed as a 80x80 image when requested without the size option and again correctly resized to other size.
The second is not, ever.Oliver Falkoliver@linux-kernel.atOliver Falkoliver@linux-kernel.athttps://git.linux-kernel.at/oliver/ivatar/-/issues/47check tool doesn't display SHA256 avatars (email)2021-09-06T11:52:45ZGhost Usercheck tool doesn't display SHA256 avatars (email)I use my own libravatar server. The check tool does display the MD5 picture, but not the SHA256 picture. You can replicate with the email address `testlibravatar@tastytea.de`. The server returns the right image¹ and it worked with the ol...I use my own libravatar server. The check tool does display the MD5 picture, but not the SHA256 picture. You can replicate with the email address `testlibravatar@tastytea.de`. The server returns the right image¹ and it worked with the old check tool.
¹ https://avatar.tastytea.de/avatar/926ccda19cfe96f3d714506c74ad3101e5cdfec95aaacef99b7f39242636a3b2
![screenshot_2019-02-19T22_01_31](/uploads/cd66e0f6ccc96ad0117b7c3ecd60418d/screenshot_2019-02-19T22_01_31.png)Oliver Falkoliver@linux-kernel.atOliver Falkoliver@linux-kernel.athttps://git.linux-kernel.at/oliver/ivatar/-/issues/48Retro images have a margin on the bottom and right sides2021-09-06T11:52:52ZGhost UserRetro images have a margin on the bottom and right sidesThe image generated with the default=retro option have a margin or internal border of some sort:
Example:
https://www.libravatar.org/avatar/13294c5d1d80d103b665a3596a7ed975e75e356b5b6af178eaf097b7c3130bf3?s=60&forcedefault=y&default=re...The image generated with the default=retro option have a margin or internal border of some sort:
Example:
https://www.libravatar.org/avatar/13294c5d1d80d103b665a3596a7ed975e75e356b5b6af178eaf097b7c3130bf3?s=60&forcedefault=y&default=retro
Attached here:
![retro](/uploads/1b7d7c0e858be5b6128382ce3b6c4ddd/retro.png)https://git.linux-kernel.at/oliver/ivatar/-/issues/49Content-Type should be "image/jpeg", not "image/jpg"2021-09-06T11:53:02ZGhost UserContent-Type should be "image/jpeg", not "image/jpg"The following:
```console
curl -I "https://seccdn.libravatar.org/avatar/63a75a80e6b1f4adfdb04c1ca02e596c?s=72&d=monsterid"
```
result in:
```http
HTTP/1.1 200 OK
Date: Wed, 27 Feb 2019 13:42:43 GMT
Server: Apache/2.4.34 (Fedora) Open...The following:
```console
curl -I "https://seccdn.libravatar.org/avatar/63a75a80e6b1f4adfdb04c1ca02e596c?s=72&d=monsterid"
```
result in:
```http
HTTP/1.1 200 OK
Date: Wed, 27 Feb 2019 13:42:43 GMT
Server: Apache/2.4.34 (Fedora) OpenSSL/1.1.0i-fips mod_wsgi/4.5.20 Python/3.6
Strict-Transport-Security: max-age=31536000; preload; includeSubDomains
Content-Length: 2210
Vary: Accept-Language,Cookie
Content-Language: en
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpg
```
I suppose `Content-Type` should be `image/jpeg`Oliver Falkoliver@linux-kernel.atOliver Falkoliver@linux-kernel.athttps://git.linux-kernel.at/oliver/ivatar/-/issues/50Cache-Control and Expires2021-09-06T11:53:10ZGhost UserCache-Control and ExpiresWhen setting up a localhost caching reverse proxy I noticed that libravatar.org doesn't set the `Cache-Control` (and `Expires`) header.
Gravatar sets
```http
Cache-Control: max-age=300
```
Should libravatar use something similar?
T...When setting up a localhost caching reverse proxy I noticed that libravatar.org doesn't set the `Cache-Control` (and `Expires`) header.
Gravatar sets
```http
Cache-Control: max-age=300
```
Should libravatar use something similar?
The [libravatar API](https://wiki.libravatar.org/api/) only mentioned caching in relation to SRV records (1 day = 24 hour?). Should avatars itself be allowed to be cached for 24 hours?
In @tastytea's [libravatarserv](https://schlomp.space/tastytea/libravatarserv) example config for nginx the `Expires` and `Cache-Control` are set to 86400 (24 hours) (+ `Cache-Control` adds `public`):
<https://schlomp.space/tastytea/libravatarserv/src/commit/de7e61a2fed91c0be3ab787907ff39f7f72b4043/doc/nginx-example.conf#L12-L14>
Since the libravatar api very much rely on query string it's affected by <https://httpd.apache.org/docs/trunk/caching.html#http-caching>, under "What Can be Cached?":
> If the URL included a query string (e.g. from a HTML form GET
> method) it will not be cached unless the response specifies an
> explicit expiration by including an "Expires:" header or the
> max-age or s-maxage directive of the "Cache-Control:" header, as
> per RFC2616 sections 13.9 and 13.2.1.
I suppose this might affect caching in clients? I haven't checked that.
Using [mod_expires](https://httpd.apache.org/docs/2.4/mod/mod_expires.html) I used something like:
```apache
ExpiresActive On
ExpiresDefault "A86400"
Header merge "Cache-Control" "public"
```
(Maybe
```apache
ExpiresDefault "access plus 24 hours"`
```
is a bit more readable.)https://git.linux-kernel.at/oliver/ivatar/-/issues/51Libravator logo link in wiki is broken2021-09-06T11:53:18ZGhost UserLibravator logo link in wiki is brokenIn the [wiki](https://wiki.libravatar.org) there was a link to a Libravatar logo, which is currently broken. It points to https://seccdn.libravatar.org/nobody/256.png.In the [wiki](https://wiki.libravatar.org) there was a link to a Libravatar logo, which is currently broken. It points to https://seccdn.libravatar.org/nobody/256.png.https://git.linux-kernel.at/oliver/ivatar/-/issues/52No Identica importer2021-09-06T11:53:25ZGhost UserNo Identica importerHello,
While reading the old [photo importers](https://github.com/libravatar/wiki.libravatar.org/commit/89804fc50d4ae61c8bc31daed8254cb0fdaaf66c) page I discovered the previous version of Libravatar had support for automatic import of p...Hello,
While reading the old [photo importers](https://github.com/libravatar/wiki.libravatar.org/commit/89804fc50d4ae61c8bc31daed8254cb0fdaaf66c) page I discovered the previous version of Libravatar had support for automatic import of picture from the Identica micro-blogging platform.
Nobody complained about it so far so we should just document this regression somewhere.Oliver Falkoliver@linux-kernel.atOliver Falkoliver@linux-kernel.athttps://git.linux-kernel.at/oliver/ivatar/-/issues/54Problem in PIL/Image.py2021-09-06T11:53:33ZGhost UserProblem in PIL/Image.pyHello!
in error.log we have lots of errors that goes like this:
```
[Mon Mar 04 01:56:23.783813 2019] [wsgi:error] [pid 20992:tid 140345052468992] """)
Exception ignored in: <object repr() failed>
Traceback (most recent call last):
...Hello!
in error.log we have lots of errors that goes like this:
```
[Mon Mar 04 01:56:23.783813 2019] [wsgi:error] [pid 20992:tid 140345052468992] """)
Exception ignored in: <object repr() failed>
Traceback (most recent call last):
File "/mnt/data/.virtualenv/lib/python3.6/site-packages/PIL/Image.py", line 614, in __del__
NameError: name 'hasattr' is not defined
Exception ignored in: <object repr() failed>
Traceback (most recent call last):
File "/mnt/data/.virtualenv/lib/python3.6/site-packages/PIL/Image.py", line 614, in __del__
NameError: name 'hasattr' is not defined
Exception ignored in: <object repr() failed>
Traceback (most recent call last):
File "/mnt/data/.virtualenv/lib/python3.6/site-packages/PIL/Image.py", line 614, in __del__
NameError: name 'hasattr' is not defined
```
Would it be possible to fix somehow?
These are not the only errors but the other seems to be a problem in deployment related to deprecation of psycopg2 wheel package. I need to take a look at it.https://git.linux-kernel.at/oliver/ivatar/-/issues/55Check tool, compatiblity with previous version2021-09-06T11:53:40ZGhost UserCheck tool, compatiblity with previous versionHello,
Our wiki and probably external documents mention the old check tool under the following URL: https://www.libravatar.org/tools/check_domain.
Can we provide a redirect to the new one ?
Regards.Hello,
Our wiki and probably external documents mention the old check tool under the following URL: https://www.libravatar.org/tools/check_domain.
Can we provide a redirect to the new one ?
Regards.Oliver Falkoliver@linux-kernel.atOliver Falkoliver@linux-kernel.athttps://git.linux-kernel.at/oliver/ivatar/-/issues/57Add CORS headers to returned avatars2021-09-06T11:53:49ZGhost UserAdd CORS headers to returned avatarsHello! :wave:
Could you consider adding CORS header (`Access-Control-Allow-Origin: *`) to avatar image responses? Gravatar uses it and it allows fetching avatars without cookies or any other tracking information through `<img src="..."...Hello! :wave:
Could you consider adding CORS header (`Access-Control-Allow-Origin: *`) to avatar image responses? Gravatar uses it and it allows fetching avatars without cookies or any other tracking information through `<img src="..." crossorigin=anonymous>`
More details here: https://developer.mozilla.org/en-US/docs/Web/HTML/CORS_settings_attributes
Reported here: https://photog.social/users/libravatar/statuses/102265339201031638Oliver Falkoliver@linux-kernel.atOliver Falkoliver@linux-kernel.athttps://git.linux-kernel.at/oliver/ivatar/-/issues/59Email in settings is not editable2021-09-06T11:54:03ZGhost UserEmail in settings is not editableGo to `/accounts/pref/`
There is only one option - email, and you can't edit it
Maybe change it to a select with verified emailsGo to `/accounts/pref/`
There is only one option - email, and you can't edit it
Maybe change it to a select with verified emailsWinter Sprint 2022Oliver Falkoliver@linux-kernel.atOliver Falkoliver@linux-kernel.athttps://git.linux-kernel.at/oliver/ivatar/-/issues/66libravatar disable upload new photo when user reached max allowed photos limit2021-09-06T11:54:36ZGhost Userlibravatar disable upload new photo when user reached max allowed photos limitFrom libravatar IRC:
```
18:20:10 opal | suggestion: disable the "upload new photo" button if user has reached max allowed photos
18:20:26 opal | its annoying to go through the upload process only to find out it wouldnt have worked a...From libravatar IRC:
```
18:20:10 opal | suggestion: disable the "upload new photo" button if user has reached max allowed photos
18:20:26 opal | its annoying to go through the upload process only to find out it wouldnt have worked anyway
```Oliver Falkoliver@linux-kernel.atOliver Falkoliver@linux-kernel.at